Siemens LOGO! 8 BM Improper Handling of Extra Values (CVE-2019-10920)

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Project data stored on the device, which is accessible via port 10005/tcp, can be decrypted due to a hardcoded encryption key. The security vulnerability could be exploited by an unauthenticated attacker wi...

Siemens LOGO! 8 Hard-Coded Cryptographic Key Vulnerability

Due to the use of a hard-coded cryptographic key, an attacker can put the integrity and confidentiality of encrypted data of all Siemens LOGO! 8 PLCs using this key at risk, for instance decrypting network communication during a man-in-the-middle attack. Siemens LOGO! 8 Hard-Coded Cryptographic K...

CVE-2019-10920

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Project data stored on the device, which is accessible via port 10005/tcp, can be decrypted due to a hardcoded encryption key. The security vulnerability could be exploited by an unauthenticated attacker wi...

CVE-2019-10920

CVE-2019-10920 affects Siemens LOGO! 8 BM (and SIPLUS variants) with all versions before 8.3. The issue is a vulnerability in which project data on the device, accessible via port 10005/tcp, can be decrypted due to a hard-coded encryption key, allowing an unauthenticated remote attacker to access...